Proton Mail is a decent secure and free option because they uses zero-access end-to-end encryption. Proton can’t read them even if they wanted to, which they don’t. They will comply with Swiss court orders when required to disclose the IP address but the encrypted content remains secure.
The free service is intended as the hook to get people to subscribe to one of their paid services.
Interesting, I’ll give them a look and see if it works with my situation.
> I second Proton Mail
Yep, Proton is good.
Vendors are learning that the best way to not only protect their customers' data, but also their company from liability, is to employ "Zero-Trust" architecture. In the case of a cloud application, it means to do all encryption/decryption locally on the customer's computer, using AES-256. Nothing leaves the customer's computer that isn't encrypted. The vendor doesn't have to worry about breaches causing anybody to sue them, and the customers' data is secure.
In fact, "Zero-Trust" ASSUMES that sooner or later there will be a breach and the bad guys will get the data stored in the cloud. Since it's encrypted with a key that lives only on the customer's computer, the bad guys are out of luck.
Keeper Security Password Manager does that. Highly recommended, but it's not free.
BTW, end-to-end (E2E) encryption does not in itself guarantee that your data is encrypted at the vendor's facility (data at rest). E2E is about the transmission, with a sender and a recipient who can both read the data, and thus allows the vendor to store plaintext after decryption at their facility.